A data breach is when private and confidential information has been exposed or shared without the owner’s permission.
This kind of cyber attack causes a lot of loss and damage, both in costs and reputation. For example, Kaspersky reports small and medium businesses can suffer a heavy loss of about USD101,000 (PHP4.8 million). In addition, companies will also lose customers, both existing and potential.
A data breach can happen to anyone, not just to companies but also to the government or an individual. To recap, hackers included nearly 900,000 Facebook accounts of Filipino users in a mass-scale data leak that affected over 500 million users worldwide.
Kaspersky’s guide for companies facing data breach
For this reason, Kaspersky put up a five-step guide for businesses in the event of a data breach.
- Assess the situation. Evaluate the risk of the data breach to customers. Risk assessment helps you decide the following steps to take.
- Be transparent. In 40% of businesses around the world, employees hide an incident when it happens. Hiding an incident may lead to dramatic consequences, increasing the damage caused. and customers losing trust in the business. Instead, tell customers what happened and give them advice on what to do next
- Document everything. Document every data breach, even if you don’t have to report it. Record what happened, the steps you took, and why the breach was reported or not reported.
- Learn lessons. Once the cause has been identified, fix it. Next, make sure all staff receive training in how to prevent future breaches. Human error causes most data breaches.
- Notify parties. If you’re processing data for other organizations, don’t forget to tell them about the breach.
Kaspersky’s tips for individuals facing identify theft due to data breach
As for anyone who suspects being a victim of identify theft, here’s what Kaspersky advises you to do:
- Discover the source. To correct the problem, you should find out the origin of the attack.
- Think of your most recent online activity. To limit your exposure, ensure logging in using a secure connection. Also, avoid using linked accounts and similar passwords so cybercriminals can daisy chain your information, which allows all of your accounts to be compromised by breaking into just one.
- Start making calls. Begin with any companies where the fraud occurred and ask them to close or freeze your accounts and change all of your login and password information.
- Cover your bases. Keep an eye on your credit reports beyond 90 days and flag anything fraudulent immediately. In addition, limit the number of credit services you use to reduce the long-term impact of identity theft.
Kaspersky’s effective anti-breach solutions
Now to avoid ever encountering data breach, Kaspersky offers surefire ways:
- Always be on the lookout for new patches and updates for your software. Keeping the operating system fresh and running the latest version simultaneously removes outdated features and fixes previous security flaws.
- Encryption is key to protecting sensitive information and assets. It’s cost-effective, provides a layer of protection for remote workers, and increases the integrity of your data.
- Using devices that are no longer supported by the manufacturer will attract unnecessary risks. Upgrading devices ensures that users are protected against newer vulnerabilities.
- Enforce strict Bring-Your-Own-Device (BYOD) security policies by requiring the use of business-grade VPN services or antivirus software. Social engineering tricks usually target employees or individuals with access to an organization’s networks and systems through insecure devices.
- Observe safe practices like using solid credentials or activating multi-factor authentication.
- Educate employees on how to avoid socially engineered attacks and use the best security practices. Individual users must also take it upon themselves to understand how to spot a potential attack when there is one.
Small and medium businesses, which are also not immune to cyberattacks, can avail up to 40% in savings on the KEDRO security solution.
Kaspersky is also offering free e-gift vouchers (choice of Grab, GCash, or PayMaya) for every purchase of the Total Security (valid for 1 year for 1 device) or Internet Security (valid for 1 or 2 years for 1, 3, or 5 devices) products.
Please visit this link for the complete list of participating stores and for more information about the promo.